From 510ce3bec7915a790fbf75ace5521e437d9d416a Mon Sep 17 00:00:00 2001 From: Dennis Brentjes Date: Fri, 21 Oct 2016 14:01:26 +0200 Subject: Adds SSL connections between nodes. --- node/node.cpp | 41 +++++++++++++++++++++++++++++------------ 1 file changed, 29 insertions(+), 12 deletions(-) (limited to 'node/node.cpp') diff --git a/node/node.cpp b/node/node.cpp index 04ed4f1..2dfbba8 100644 --- a/node/node.cpp +++ b/node/node.cpp @@ -11,12 +11,13 @@ using namespace boost::asio::ip; Node::Node(ListenSettings const& listen_settings, NodeNetworkSettings network_settings) : io_service() -, server(io_service, listen_settings, [this](boost::asio::ip::tcp::socket&& socket){accept_handler(std::move(socket));}) +, ctx(std::make_shared(boost::asio::ssl::context::sslv23)) +, server(io_service, listen_settings, ctx, [this](std::unique_ptr>&& socket, std::shared_ptr ctx){accept_handler(std::move(socket), ctx);}) , clients() , data() , network_settings(network_settings) -, prev_node(Receiver(tcp::socket(io_service))) -, next_node(Sender(tcp::socket(io_service))) +, prev_node(SSLReceiver(std::unique_ptr>(new boost::asio::ssl::stream(io_service, *ctx)))) +, next_node(SSLSender(std::unique_ptr>(new boost::asio::ssl::stream(io_service, *ctx)))) , api(get_implementation()) , keypair(api.create_key_pair()) , network_key() @@ -24,11 +25,9 @@ Node::Node(ListenSettings const& listen_settings, NodeNetworkSettings network_se { GOOGLE_PROTOBUF_VERIFY_VERSION; - auto on_connect = [this, network_settings](){ - next_node.async_send(cmix_proto::ImANode()); - }; - - next_node.async_connect(network_settings.next_host, network_settings.next_port, on_connect); + if(network_settings.is_first) { + connect_to_next_node(); + } } Node::~Node() { 
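Review bot: The context built in the initialiser list uses `boost::asio::ssl::context::sslv23`, which lets the handshake negotiate any protocol version the library still supports, and nothing visible in this constructor narrows that. Calling `set_options` in the constructor body would be too late for `prev_node` and `next_node`, because their streams are created from `*ctx` in the same initialiser list and OpenSSL copies the context options into each stream when it is created. I would build the context in a small file-local helper that disables the legacy SSL versions before anything uses it, as sketched below. The helper name is only a suggestion, and the `server` class may apply further settings outside this hunk.

```cpp
static std::shared_ptr<boost::asio::ssl::context> make_ssl_context()
{
    auto ctx = std::make_shared<boost::asio::ssl::context>(boost::asio::ssl::context::sslv23);
    // Refuse SSLv2/SSLv3 so that only TLS can be negotiated between nodes.
    ctx->set_options(boost::asio::ssl::context::default_workarounds
                     | boost::asio::ssl::context::no_sslv2
                     | boost::asio::ssl::context::no_sslv3);
    return ctx;
}

// … unchanged: Node::Node signature and io_service() initialiser …
, ctx(make_ssl_context())
// … unchanged: remaining initialisers and constructor body …
```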
@@ -39,9 +38,9 @@ void Node::run() { io_service.run(); } -void Node::accept_handler(boost::asio::ip::tcp::socket&& socket) +void Node::accept_handler(std::unique_ptr>&& socket, std::shared_ptr ctx) { - std::list::iterator it = purgatory.emplace(purgatory.end(), std::move(socket)); + Purgatory::iterator it = purgatory.emplace(purgatory.end(), std::move(socket)); purgatory.back().on_done( [this, it]() { purgatory.erase(it); @@ -53,6 +52,20 @@ void Node::accept_handler(boost::asio::ip::tcp::socket&& socket) }); } +void Node::connect_to_next_node() +{ + if(!network_settings.certdir.empty()) { + ctx->add_verify_path(network_settings.certdir); + } + + auto on_connect = [this](){ + BOOST_LOG_TRIVIAL(trace) << "Connected to next_node"; + next_node.async_send(cmix_proto::ImANode()); + }; + + next_node.async_connect(network_settings.next_host, network_settings.next_port, on_connect); +} + void Node::start_initialisation() { cmix_proto::Initialization init; init.set_public_share(keypair.pub, keypair.pub_len); @@ -105,6 +118,8 @@ void Node::handle_node_secretkey(cmix_proto::SecretKey const& secret) if(network_settings.is_first) { start_precomputation(); + } else { + next_node.async_send(secret); } } @@ -173,11 +188,13 @@ void Node::handle_client_message(ClientConnections::key_type handle, cmix_proto: void Node::handle_imanode(Purgatory::iterator handle) { handle->on_done([]{}); - prev_node = Receiver(std::move(*handle)); + prev_node = SSLReceiver(std::move(*handle)); purgatory.erase(handle); if(network_settings.is_first) { start_initialisation(); + } else { + connect_to_next_node(); } prev_node.async_receive([this](cmix_proto::CMixMessage message){ 
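Review bot: In `connect_to_next_node()` the trust directory is added only when `network_settings.certdir` is non-empty and no verify mode is set anywhere in the hunk, so unless `SSLSender` enables verification elsewhere, the connection to `next_host` would be encrypted but would accept any certificate. An empty `certdir` should be a configuration error rather than a silent skip, and `ctx->set_verify_mode(boost::asio::ssl::verify_peer);` should be applied before the streams are created in the constructor, or on the `next_node` stream itself, since settings made on the context afterwards may not reach a stream that already exists. This matters more with the `handle_node_secretkey` hunk below, which now forwards the `SecretKey` message over this link. `add_verify_path` also throws on failure and is reached from an asynchronous handler, so a bad path would surface out of `io_service.run()`. That deserves a comment or a `try`/`catch` with a log line.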
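Review bot: `handle_imanode()` still promotes whichever purgatory connection sends `ImANode` to `prev_node`, and the new `else` branch makes every such message on a non-first node call `connect_to_next_node()` again. Nothing in the hunk ties the claimed node role to the peer's TLS identity or checks that `next_node` is not already connected, so a repeated or unexpected `ImANode` would replace the receiver and restart the outbound connection. I would require a client certificate on the accepting side (`boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert`) and guard the reconnect with a member flag set once the first connect is started. The function body continues past the end of the hunk, so an existing guard there would not be visible here.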
@@ -187,7 +204,7 @@ void Node::handle_imanode(Purgatory::iterator handle) { void Node::handle_imaclient(Purgatory::iterator handle, cmix_proto::ImAClient c) { std::string client_id = c.id(); - clients.emplace(c.id(), SenderReceiver(std::move(*handle))); + clients.emplace(c.id(), SSLSenderReceiver(std::move(*handle))); clients.at(c.id()).on_done([this, client_id]{ clients.erase(client_id); }); -- cgit v1.2.3-70-g09d2